Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c79bee52-f4ce-4ffe-a0eb-b634b07203f1.roa
File:                     c79bee52-f4ce-4ffe-a0eb-b634b07203f1.roa (raw, json)
Hash identifier:          cb3dgZ5bE5xkWp12O0XiJN7J2C74R0oCgcsTY2AgD6k=
Subject key identifier:   5F:3B:7D:D8:C7:BB:5C:7B:2D:9C:0C:23:0D:F8:4E:B5:A5:BA:3F:E4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       12045040483E57498BD2ADDB2FA3560666840475
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c79bee52-f4ce-4ffe-a0eb-b634b07203f1.roa
Signing time:             Thu 13 Nov 2025 00:50:11 +0000
ROA not before:           Thu 13 Nov 2025 00:50:11 +0000
ROA not after:            Thu 18 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        72.44.34.0/23 maxlen: 23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:04:50:40:48:3e:57:49:8b:d2:ad:db:2f:a3:56:06:66:84:04:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 13 00:50:11 2025 GMT
            Not After : Dec 18 23:59:59 2025 GMT
        Subject: serialNumber=34757a2f6940a25f9528f6e678f80f04bb733625899165919e99e540a1b17b17, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:01:d0:d2:1f:8f:76:a6:56:c6:26:f2:a2:8c:
                    71:a6:14:b9:d5:01:63:70:69:a6:9e:40:4d:2a:f4:
                    76:90:f4:db:8d:10:22:9c:b3:f9:01:a7:ed:f9:8c:
                    81:ba:fc:41:49:d8:69:f6:15:8f:17:2d:87:14:fc:
                    94:65:05:7f:4a:0d:68:1b:f8:1c:1f:9a:d8:58:97:
                    ce:54:c2:72:43:78:13:00:ed:3b:69:3f:64:f3:33:
                    cd:a5:7c:0d:af:0e:69:63:79:b2:62:55:ca:ac:25:
                    ce:4c:04:f3:8f:f0:ef:c9:bf:9b:4c:26:6a:23:d3:
                    06:67:29:10:2c:f7:01:3b:55:0d:e3:8f:3e:3f:1c:
                    41:2d:1c:4c:75:af:67:1c:0c:56:ac:08:50:c8:8b:
                    aa:db:dd:e3:25:0b:9d:03:c6:c1:39:3e:43:9b:08:
                    b3:e4:23:a7:a4:6b:3a:17:d6:16:d2:f6:99:cc:8c:
                    41:b6:21:29:70:68:52:73:3c:2d:b5:2a:f9:72:22:
                    0e:52:7d:e7:59:65:4a:37:ed:4d:bf:86:db:5b:e5:
                    79:76:3f:97:06:e9:d7:58:9f:24:8a:e5:4e:4a:98:
                    5b:92:52:2d:ca:7e:e9:d2:fd:b3:d6:d4:1f:b4:3c:
                    7b:77:28:3a:cc:6c:d3:aa:d9:65:f6:6d:b1:cb:bb:
                    5b:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:3B:7D:D8:C7:BB:5C:7B:2D:9C:0C:23:0D:F8:4E:B5:A5:BA:3F:E4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c79bee52-f4ce-4ffe-a0eb-b634b07203f1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.44.34.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b0:c3:1b:dd:05:f8:18:2c:80:45:75:42:af:71:1f:9e:c0:77:
         71:95:1d:9a:68:1d:f3:4e:59:a8:ce:bd:3c:62:b9:fd:be:51:
         f7:9e:c4:67:2f:20:69:0c:d6:b5:e1:0a:0d:62:d5:11:4e:30:
         59:ef:68:10:4f:4c:fb:cb:f4:57:d6:1d:1c:e1:06:6f:3e:c3:
         22:0f:35:2e:42:f5:66:1a:b7:95:3c:d5:2f:d1:0e:45:5c:ef:
         f0:34:94:70:9a:f8:6b:9d:0e:3a:de:af:63:31:6d:57:eb:9a:
         9c:55:21:8c:f7:a7:3f:fa:c6:fc:58:2f:53:db:04:c2:2f:a2:
         b7:69:24:3a:3a:c6:77:e0:2b:6b:29:d2:c2:7d:f4:12:89:ff:
         b5:c0:51:30:5d:1f:8e:03:3c:a9:38:85:ee:06:e1:a2:29:05:
         95:c5:d7:a2:74:37:bc:ce:7b:c8:a3:af:bf:01:30:b1:06:22:
         9e:21:aa:ea:51:b2:30:29:ac:a4:1d:88:c9:62:60:6d:e9:a1:
         fa:74:da:90:40:85:6a:c0:ce:8a:91:55:bf:40:6c:fc:33:80:
         14:12:ab:30:c6:7b:b2:d8:70:8f:1c:a5:dd:f0:9c:42:79:d2:
         96:fc:f4:1e:e3:57:25:0c:a9:41:a1:27:02:0e:76:08:c7:50:
         fc:12:ae:45
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEgRQQEg+V0mL0q3bL6NWBmaEBHUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEzMDA1MDExWhcNMjUxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNDc1N2EyZjY5NDBhMjVmOTUyOGY2ZTY3OGY4MGYwNGJi
NzMzNjI1ODk5MTY1OTE5ZTk5ZTU0MGExYjE3YjE3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkAdDSH492plbGJvKijHGmFLnVAWNwaaaeQE0q9HaQ9NuN
ECKcs/kBp+35jIG6/EFJ2Gn2FY8XLYcU/JRlBX9KDWgb+BwfmthYl85UwnJDeBMA
7TtpP2TzM82lfA2vDmljebJiVcqsJc5MBPOP8O/Jv5tMJmoj0wZnKRAs9wE7VQ3j
jz4/HEEtHEx1r2ccDFasCFDIi6rb3eMlC50DxsE5PkObCLPkI6ekazoX1hbS9pnM
jEG2ISlwaFJzPC21KvlyIg5SfedZZUo37U2/httb5Xl2P5cG6ddYnySK5U5KmFuS
Ui3KfunS/bPW1B+0PHt3KDrMbNOq2WX2bbHLu1vHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXzt92Me7XHstnAwjDfhOtaW6P+QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M3OWJlZTUyLWY0Y2UtNGZmZS1hMGViLWI2MzRiMDcyMDNmMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFILCIwDQYJKoZIhvcNAQELBQADggEBALDDG90F+BgsgEV1Qq9xH57Ad3GV
HZpoHfNOWajOvTxiuf2+UfeexGcvIGkM1rXhCg1i1RFOMFnvaBBPTPvL9FfWHRzh
Bm8+wyIPNS5C9WYat5U81S/RDkVc7/A0lHCa+GudDjrer2MxbVfrmpxVIYz3pz/6
xvxYL1PbBMIvordpJDo6xnfgK2sp0sJ99BKJ/7XAUTBdH44DPKk4he4G4aIpBZXF
16J0N7zOe8ijr78BMLEGIp4hqupRsjAprKQdiMliYG3pofp02pBAhWrAzoqRVb9A
bPwzgBQSqzDGe7LYcI8cpd3wnEJ50pb89B7jVyUMqUGhJwIOdgjHUPwSrkU=
-----END CERTIFICATE-----